Dropbox upgrades security after hack

Dropbox, the cloud file storage service, plans to upgrade its security system
after user emails were stolen by hackers last month.

Dropbox is used by more than 300 million people worldwide.

3:32PM BST 01 Aug 2012

Hackers used a stolen password to access a Dropbox employee's account and gain access to a document containing email addresses for members of the service.

In a post on the Dropbox website, Aditya Agarwal, the company's director of engineering, wrote: "Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We’ve contacted these users and have helped them protect their accounts."

Agarwal said that Dropbox will now offer two-factor authentication for members, giving the option of using two forms of identity before access to an account is granted. He said the company was also adding new automated systems to monitor suspicious activity and a new page allowing members to see all active logins on their account.

He added: "At the same time, we strongly recommend you improve your online safety by setting a unique password for each website you use. Though it’s easy to reuse the same password on different websites, this means if any one site is compromised, all your accounts are at risk."

The warning from Dropbox comes after months of hacking incidents at high-profile websites. Last month, nearly half a million email addresses and passwords of Yahoo account holders were published online. In June, more than six million passwords for the professional social networking service LinkedIn were published online. Days later music website Last.fm warned users of a potential password theft.